Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Introduction to Linux - A Hands on Guide

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.

I am running httpd 2.0.51 (RHEL 4).I am trying to protect certain directory
using .htaccess.Clients are seeing login Box but they are not able to login.As
with basic authentication,i am using passwd.It seems it is not able to excute
SUEXEC. When i see the error log,it gives error that user not found in MySQL.I configured Basic Authentication using .htaccess referrring file passwd which is bring generated by htpasswd.
Any1 out here to help.

I also of the same view that it is authenticating from MySQL.But i have not mentioned it anywhere.is there any place in httpd.conf to set authentication type?I mentioned Basic Authentication in my .htaccess.
As asked by you,i am pasting my error log entries

The .htaccess file directives are not being understood since the apache configuration has not probably either not included mod_auth, or excluded it for the path / virtualhost. ( See the entry at 12:58:37 ).

The application (in /var/www/html/portal.ofb.net) is trying to use mysql and failing due to an improper setup. Did you forget to configure the access to the mysql database the application requires?

You will want to check the 'AllowOverride' directive, and its use for the particular virtualhost / directory.

You will also want to look up the documentation for the 'portal.ofb.net' application / check with the developers for any Mysql database connections it needs.

i will just give a try and get back to you."AllowOverride Authconfig" is written inside <directory /var/www/html> which is root for Web Server.Portal.ofb.net is a virtual host with DocumentRoot </var/www/html/portal.ofb.net>.I have not mentioned any <Directory> inside this virtual host.What i think that above setup(Authconfig in web server root) will suffice.Any way i will check all the hints you gave.

Every1 told its going to be very easy but i dont know y it has created so much trouble in my case.There is a directory "conf.d" in which several configuration files are stored which are loaded at runtime.I commented the line in "auth_mysql.conf" which was loading the MySQL module.The README(inside conf.d)says that these modules will be loaded alphabatically(i am not sure what does that really mean?.NOW,MySQL is not authenticating all the user BY DEFAULT.
I added
<Directory "/var/www/html/portal.ofb.net">
AllowOverride AuthConfig
</Directory>
inside <Virtual host> portal.ofb.net </Virtual host>.
keeping AuthConfig inside Virtual Host is a better and more logical way.